Automated execution and evaluation of network-based training exercises
First Claim
1. A method comprising:
- during a computer-based training exercise, initiating, by an attack system, a simulated attack against a target system, wherein the target system is configured to respond to actions specified by a human trainee, wherein the target system performs a corrective or preventive action that is specified by the human trainee in response to the simulated attack, and wherein the attack system is configured to initiate a change in the simulated attack by dynamically responding to the corrective or preventive action performed by the target system and specified by the human trainee;
collecting information associated with the corrective or preventive action performed by the target system in response to the simulated attack; and
based on the corrective or preventive action performed by the target system;
updating a state of the attack system;
automatically generating, by the attack system and based on the updated state of the attack system, dynamic response data;
sending the dynamic response data from the attack system to the target system, wherein sending the dynamic response data initiates the change in the simulated attack against the target system; and
upon completion of the training exercise, generating an automated evaluation of a performance of the human trainee.
0 Assignments
0 Petitions
Accused Products
Abstract
This disclosure generally relates to automated execution and evaluation of computer network training exercises, such as in a virtual machine environment. An example environment includes a control and monitoring system, an attack system, and a target system. The control and monitoring system initiates a training scenario to cause the attack system to engage in an attack against the target system. The target system then performs an action in response to the attack. Monitor information associated with the attack against the target system is collected by continuously monitoring the training scenario. The attack system is then capable of sending dynamic response data to the target system, wherein the dynamic response data is generated according to the collected monitor information to adapt the training scenario to the action performed by the target system. The control and monitoring system then generates an automated evaluation based upon the collected monitor information.
103 Citations
22 Claims
-
1. A method comprising:
-
during a computer-based training exercise, initiating, by an attack system, a simulated attack against a target system, wherein the target system is configured to respond to actions specified by a human trainee, wherein the target system performs a corrective or preventive action that is specified by the human trainee in response to the simulated attack, and wherein the attack system is configured to initiate a change in the simulated attack by dynamically responding to the corrective or preventive action performed by the target system and specified by the human trainee; collecting information associated with the corrective or preventive action performed by the target system in response to the simulated attack; and based on the corrective or preventive action performed by the target system; updating a state of the attack system; automatically generating, by the attack system and based on the updated state of the attack system, dynamic response data; sending the dynamic response data from the attack system to the target system, wherein sending the dynamic response data initiates the change in the simulated attack against the target system; and upon completion of the training exercise, generating an automated evaluation of a performance of the human trainee. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory computer-readable storage medium comprising instructions that, when executed, cause one or more processors to:
-
during a training exercise, initiate, by an attack system, a simulated attack against a target system, wherein the target system is configured to respond to actions specified by a human trainee, wherein the target system performs a corrective or preventive action that is specified by the human trainee in response to the simulated attack, and wherein the attack system is configured to initiate a change in the simulated attack by dynamically responding to the corrective or preventive action performed by the target system and specified by the human trainee; collect information associated with the corrective or preventive action performed by the target system in response to the simulated attack; and based on the corrective or preventive action performed by the target system; update a state of the attack system; automatically generate, by the attack system and based on the updated state of the attack system, dynamic response data; send the dynamic response data from the attack system to the target system, wherein sending the dynamic response data initiates the change in the simulated attack against the target system; and upon completion of the training exercise, generate an automated evaluation of a performance of the human trainee. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A system comprising:
-
one or more processors, wherein the one or more processors are configured to; during a training exercise, initiate, by an attack system, a simulated attack against a target system, wherein the target system is configured to respond to actions specified by a human trainee, wherein the target system performs a corrective or preventive action that is specified by the human trainee in response to the simulated attack, and wherein the attack system is configured to initiate a change in the simulated attack by dynamically responding to the corrective or preventive action performed by the target system and specified by the human trainee; collect information associated with the corrective or preventive action performed by the target system in response to the simulated attack; and based on the corrective or preventive action performed by the target system; update a state of the attack system; automatically generate, by the attack system and based on the updated state of the attack system, dynamic response data; send the dynamic response data from the attack system to the target system, wherein sending the dynamic response data initiates the change in the simulated attack against the target system; and upon completion of the training exercise, generate an automated evaluation of a performance of the human trainee. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22)
-
Specification